1. Field of the Invention
The present invention relates to wireless networks, and more particularly, to secure data transmissions over wireless networks.
2. Description of the Related Art
Wireless networks are often used to transmit messages from one location in a network to a destination location in the network. These messages contain data to be supplied to the destination location. More specifically, the messages include a header portion and a data portion. The header portion includes an address of the destination location, and the data portion contains data. The destination location is, for example, a mobile device or a server. A mobile device typically interacts with wireless networks to receive various types of notifications or to request and receive data from another network to which the wireless network is connected.
FIG. 1 is a block diagram of a conventional wireless communication network 100. The wireless communication system 100 includes a sever 102, a wireless network 104, and mobile devices 106. There are n mobile devices 106-1 through 106-n. The server 102 is typically a computer system that operates to send and receive messages to and from the mobile devices 106. The messages are often blocks of data that are to be transmitted to the mobile device 106. As examples, the data can pertain to various types of notifications, electronic mail, news data, configuration information, data files, library files, program files, etc. The messages can also be requests for information (e.g., certain data) that are transmitted from the mobile devices 106 to the server 102. The server 102 may also connect to other wired or wireless networks to receive messages from or forward messages to other computer systems. As an example, the server 102 can be connected to the Internet. For example, the server 102 can be a proxy server (or link server) coupled to the Internet or a network gateway coupled to a network. The tremendous growth of the Internet in recent years has fueled the need to provide mobile devices such as mobile telephones, personal digital assistants (PDAs) and the like with access to information and services available on the Internet.
The wireless network 104 typically uses radio transmissions to communicate with the mobile devices 106. The wireless network 104 can use a variety of different networks and communication protocols. Examples of wireless networks include Cellular Digital Packet Data (CDPD), Global System for Mobile Communications (GSM), Code Division Multiple Access (CDMA) and Time Division Multiple Access (TDMA) to name a few, and each of these wireless networks has different data transfer characteristics such as latency, bandwidth, protocols and connection methods. As examples, protocols can be Internet Protocol (IP), Short Messaging System (SMS) and Unstructured Supplementary Service Data (USSD), and connection methods can include packet switched or circuit switched.
As an example, a message to be sent by the server 102 to the mobile device 106-2 would contain an address that particularly identifies the mobile device 106-2. The message is then provided by the server 102 to the wireless network 104. For example, one wireless data network is a packet switched network using a Small Message Server Center (SMSC) which has a relatively small packet size (e.g., 140 bytes). The wireless network 104 causes the message to be properly routed to the mobile device 106-2 (i.e., in accordance with the address). The transmission between the wireless network 104 and mobile device 106-2 is wireless. The mobile device 106-2 receives the message that has been transmitted the wireless network 104. The mobile device 106-2 can then store the message and perform predetermined processing actions such as, for example, notifying a user of the mobile device 106-2 of the reception of the message.
Before transmitting messages or data between the server 102 and the mobile devices 106, a connection between the server 102 and the particular one of the mobile devices 106 needs to be made, unless already established. Additionally, when the data to be transmitted is private or confidential, then a secure connection is to be used. A secure connection is a type of connection in which security measures are taken so that only the sender and desired receiver can understand the data. The security measures are implemented by cryptographic techniques such as encryption. Cryptographic techniques are described in detail in Schneier, "Applied Cryptography," Second Edition, John Wiley & Sons, Inc. (1996), which is hereby incorporated by reference.
A secure connection is established in accordance with protocols concerning transmissions over wireless networks. Examples of protocols that are able to provide secure connections include Handheld Device Transport Protocol (HDTP) and Wireless Transport Layer Security (WTLS). HDTP is described in "HDTP Draft Specification," version 1.1 (1997), and is hereby incorporated by reference. The WTLS is the security layer protocol for Wireless Application Protocol (WAP). WTLS is described in "Wireless Application Protocol Wireless Transport Layer Security" (WAP WTLS), Wireless Application Forum, Apr. 30, 1998, and is hereby incorporated by reference.
One problem with the conventional approach to establishing a secure connection is that it requires a two-way data channel. As examples, both the HDTP and the WTLS protocols require a handshake operation between the server and a mobile device to establish a secure connection. Conventionally, the two-way data channel is needed to provide the handshake operation. As a result, one-way data channels have not been able to utilize the security features of protocols that require a handshake operation.
In some wireless networks, the server and the mobile devices can be connected by two or more channels. In one case, the server and mobile devices can be connected over a one-way data channel and a two-way data channel. A representative network (e.g., GSM) having such characteristics can use a Short Message Service Center (SMSC) to provide the one-way data channel and an Interworking Function (IFW) to provide the two-way data channel. In such a network, the one-way data channel is often considered a narrowband channel and the two-way data channel is often considered a wideband channel. As an example, the narrowband channel can transfer data at a rate of about 400 bits per second (bps), while the wideband channel can transfer data at a rate of at least 14400 bps. It is thus not uncommon that a server and a mobile device be connected (or connectable) by both a two-way channel and a one-way channel. Typically, the server and the client will decide to use either or both of the channels depending on the urgency of the data, the cost willing to incur, etc. Use of a two-way channel often causes the mobile device to incur charges (i.e., fees) from a carrier that provides the service to the mobile device. In contrast, use of a one-way, narrowband channel is often available at no cost or at a fixed cost regardless of usage. The one-way channel, however, is not able to establish secure connections because the conventional approaches to security require a two-way channel. This seriously impedes the secure transmission of data over one-way channels.
Thus, there is a need for improved approaches to providing secure data transmissions over one-way channels.